Update CHANGELOG.md for 13.0.12

[ci skip]
parent bf193ebe
......@@ -1598,6 +1598,22 @@ entry.
- Remove removeIssue logic from list model. (nuwe1)
## 13.0.12 (2020-08-05)
### Security (10 changes)
- Add decompressed archive size validation on Project/Group Import. !562
- Enforce 2FA on Doorkeeper controllers.
- Refresh project authorizations when transferring groups.
- Stop excess logs from failure to send invite email when group no longer exists.
- Verify confirmed email for OAuth Authorize POST endpoint.
- Revoke OAuth grants when a user revokes an application.
- Fix XSS in Markdown reference tooltips.
- Fix XSS in milestone tooltips.
- Fix xss vulnerability on jobs view.
- Block 40-character hexadecimal branches.
## 13.0.11 (2020-08-05)
This version has been skipped due to packaging problems.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment